Mr P.J. Barrett (AM) - Auditor-General for Australia, presented at the InfoHRM Conference, Gold Coast

This edition of Audit Insights is targeted at Australian Government officials who have responsibility for the implementation of cyber security controls or strategy for government systems. The aim is to communicate lessons from our audit work to make it easier for people working within the Australian public sector to apply those lessons. It is drawn from audit reports tabled in 2019–20, 2020–21 and 2022–23 into management of cyber security risks.

The Audit Committee Chairs Forum is a joint initiative of the Department of Finance and the ANAO and includes the general government and non-general government sector Audit Committee Chairs. This communique covers the outcomes of the discussion at the forum on 15 June 2018 including updates from the Auditor-General and the ANAO, and from the Department of Finance.

The Australian National Audit Office provided a submission on 10 November 2017 to the statutory review of the Public Governance, Performance and Accountability Act 2013 (PGPA Act) and Public Governance, Performance and Accountability Rule 2014 (PGPA Rule).

The objective of the audit was to provide an independent assurance on the effectiveness of Defence and DMO's management of the acquisition of the ASLAV capability to Army. The audit examined the initial capability requirements and approval process, the contract negotiation process, and the management of the Project and Contracts by DMO.

The audit objective was to provide independent assurance to the Parliament on the effectiveness of Australian Public Service organisations in the use and management of the HRIS to satisfy mandatory reporting requirements, as well as provide meaningful information to management. The audit also considered the use of employee self service facilities offered by the HRIS, which has the capacity to provide staff with access to their personal information, reduce manual processing and streamline processing.

The audit assessed whether Centrelink has effective Business Continuity Management and/or associated risk management procedures and plans in place that: minimise the likelihood of a significant business outage; and in the event of such an outage, minimise disruption of critical services to customers. The audit also assessed whether Centrelink services satisfy special community demands in times of emergency.

The objective of this audit was to assess the progress made by DoHA and Medicare Australia (recommendation 3) in addressing the four recommendations from ANAO Audit Report No.50, 2000–01 designed to improve the administration and performance of NCSP.

The objective of the audit was to assess the Commonwealth's administration of the grants component of the R&D Start program. Lessons for the new Commercial Ready program have been identified in the audit. Accordingly, recommendations arising from this audit are directed, when appropriate, to the Commercial Ready program. As most financial assistance is in the form of grants, the loans component of the program was excluded from the audit.

The objective of this audit was to assess whether DFAT had effective processes for issuing passports in Australia. In particular, the audit focussed on whether DFAT had effective strategies for managing passport services; provided quality client service; and had effective and secure processes for passport issue to entitled persons.